I think that something else must be going on. I did a test where I added the clear-text password: [root@ipa1 ~]# ipa user-del simon -------------------- Deleted user "simon" -------------------- [root@ipa1 ~]# ipa user-add simon --first=NIS --last=USER --uid=1010 --gid=441 --gecos='Simon Matthews' --homedir=/home/simon --shell=/bin/bash --password Password: Enter Password again to verify: ------------------ Added user "simon" ------------------ User login: simon First name: NIS Last name: USER Full name: NIS USER Display name: NIS USER Initials: NU Home directory: /home/simon GECOS: Simon Matthews Login shell: /bin/bash Principal name: si...@sj.bps Principal alias: si...@sj.bps User password expiration: 20211221005503Z Email address: si...@sj.bps UID: 1010 GID: 441 Password: True Member of groups: ipausers Kerberos keys available: True
Now to test that password: [root@ipa1 ~]# ldapwhoami -Z -H ldap://ipa1.sj.bps -D 'cn=simon,cn=users,cn=accounts,dc=sj,dc=bps' -W Enter LDAP Password: ldap_bind: Invalid credentials (49) The database has a password: [root@ipa1 ~]# ldapsearch -D "cn=Directory Manager" -x -W -b uid=simon,cn=users,cn=accounts,dc=sj,dc=bps uid userPassword Enter LDAP Password: # extended LDIF # # LDAPv3 # base <uid=simon,cn=users,cn=accounts,dc=sj,dc=bps> with scope subtree # filter: (objectclass=*) # requesting: uid userPassword # # simon, users, accounts, sj.bps dn: uid=simon,cn=users,cn=accounts,dc=sj,dc=bps uid: simon userPassword:: e1NTSEE1MTJ9RnF3M1VpeEdmallFU1l4YVdRR2dCbFdUQnY0OExsKzNld1lJSzF UR015ci9WMkJ6TWxaQy9WSXVxUDJYVlRuMURMOVMxeEFpcVBqTFZZRWM4Z0R5cHdpcVNRZytBalZi # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure